cyber threats are increasing day by day. and also growing up in high level with a high speed. which ever the platforms are they are spreading very fast.after the death of Ransomware a the CopyCat malware is growing up. CopyCat is a malware that infects android devices.
Researcher has found that over 14 million android devices is infected by CopyCat malware which may include your device also this malware roots the phone which is infected and gains administrative privileges. Their main aim is making money by displaying ads in our phones screen.
This malware is spread when we install apps from unknown sources in our phone. Some apps are not available in google play-store because they are malicious apps that may be a malware. CopyCat malware has earned about $1.5 million(9.6 crores INR) with your phone! in about 2 months.
CopyCat uses the vulnerabilities in the Android devices to get into the users phone. Thes uses some unrelieved Technics to steal the ad revenues. It infected about 300,000 Android users in the United States. However their major target was south asian countries such as India , Pakistan ..etc. Southasian countries are the major targets of malware because they uses smartphones very carelessly and less securely. The CopyCat malware was being spread under a campaign and it used to infect device and subsequently root them, gaining the full control of the smartphone.
The researchers define CopyCat as "a fully developed malware with vast capabilities, including rooting devices, establishing persistency, and injecting code into the Zygote", which is a primary Android app launching process. After a device is infected by CopyCat, it further holds itself until the device reboots and then it tries to root the device. As an attempt to root the device, the malware uses six vulnerabilities possessed by Android 5.0 Lollipop and earlier versions through an 'upgrade' acquired through Amazon Web Service storage. Although the flaws found by researchers was capable enough for earlier Android versions, it could still be persistent in the devices that have not been patched or updated in last two years.
As we said, after it exploits the vulnerabilities of Android, the CopyCat malware starts the malicious code injection process to the Zygote app launching process and then generates illicit revenue by installing apps and further replacing the user's referrer ID with that of attackers. It additionally starts displaying fraud ads and apps. This kind of a technique was earlier used by the Triada Trojan, which targeted devices to gain superuser privileges before making use of regular Linux debugging tools to embed its DLL and infect mobile browsers.
Goolge has achieved to rescue so many affected devices from CopyCat.
No comments:
Post a Comment